Controlled Access. Controlled access permits the Data Provider to establish the Data Access Policy to control access to Data based on non-discriminating criteria. Based on the Data Access Policy, the Data Access Committee shall grant access to individual Users, control their access to Data. UL/LCSB, acting both in its own name and on behalf of the Data Provider, shall enter into written Data Use agreements with Users. [OPTION 1: Data Provider hereby instructs UL/LCSB to control on behalf of the Data Provider access to Data. The Parties note that the Data do not include personal data and thus that the Data Protection Law does not apply to the Services. [OPTION 2: The Data Provider hereby authorises and empowers: UL/LCSB’s representatives in the Data Access Committee to decide on Data access requests by third parties applying to become Users and to access the Data (“Decision”), UL/LCSB to communicate (emails accepted) such Decision to the Data Provider; its own representatives to the Data Access Committee to exercise on its behalf a right to veto (by way of written/electronic notification, including via the Portal, addressed to the Data Access Committee) on the Decision within ten (10) days of their notification by UL/LCSB. In line with the objective of the ELIXIR initiative, the Data Provider undertakes to exercise its veto right only if legitimate reasons exist to object to the Decision. If the veto right is not exercised within this time limit, the Decision will be deemend to have been accepted by the Data Provider and UL/LCSB’s representatives in the Data Access Committee will be entitled to grant the User status to applicants and grants them access to the Data. The Parties note that, in such a case, the Luxembourg data protection authority (‘Commission nationale pour la protection des données’ or CNPD) has ruled that UL/LCSB and the Data Provider will act in capacity as joint controllers with respect to the decision to grant access to the Data. In line with article 26 of the Data Protection Law, the Parties have determined and declare that: The Data Provider will be in charge of and liable for: collecting the Data, obtaining Data subjects’ documented, valid and informed consent, or Ethics Approval allowing for the Data processing set forth hereunder, informing Data subjects of Data processing set forth hereunder, or documenting the application of Data Protection Law’s exception to information duties, pseudonymising the Data, and reviewing the Data access request and approving the Decision or exercising its veto right; UL/LCSB will be in charge of and liable for preparing the Decision in line with the Data Access Policy, communicating them to the Data Provider, and validating Users’ access requests (where the Data Provider has not exercised its veto right). With respect to the remainder of the Services, the Parties note and agree that UL/LCSB acts as a processor to the Data Provider. [OPTIONAL: The Data Provider may request UL/LCSB to store the Data on the Luxembourg ELIXIR Platform without allowing any access to Users for a limited period of time (the “Embargo Period”) which may not be longer than eighteen (18) months. The Data Provider shall pay UL/LCSB for the fees, costs and expenses associated with closed access storage and related services should the Data Provider fail to make the data available on the Luxembourg ELIXIR Platform for at least five (5) years after the end of the Embargo Period.] The Data Access Policy established by the Data Provider should respect the following principles: contain clear and precise requirements for Data access; should not contain any discriminating criteria based, e.g., on nationality, gender, race, political opinions; should contain Data use conditions, including terms for publication and intellectual property provisions; should contain Data access restrictions stemming from personal data protection, ethics or other national legal requirements. The Luxembourg ELIXIR Platform is financed by the Government of the Grand Duchy of Luxembourg and UL/LCSB, thus, the Services are provided in principle free of charge. However, UL/LCSB reserves the right to apply fees in certain particular situations where the amounts of the Data stored by the Data Provider exceeds the limit of 10TB. Such fees will be agreed upon between the Parties according to the amount of excessive Data. Should the public financing of the Luxembourg ELIXIR Platform be discontinued, UL/LCSB may request the payment of fees for the Services at any time by providing the Data Provider thirty (30) days written notice. Upon such notification, the Data Provider will have a possibility to terminate these General Terms of Services. After expiry of the notification date and if the Data Provider has not responded, the Services will be terminated in accordance with clause 14.
Appears in 1 contract
Sources: Hosting and Processing Agreement
Controlled Access. Controlled access permits the Data Provider to establish the Data Access Policy to control access to Data based on non-discriminating criteria. Based on the Data Access Policy, the Data Access Committee shall grant access to individual Users, control their access to Data. UL/LCSB, acting both in its own name and on behalf of the Data Provider, LCSB shall enter into written Data Use agreements Agreements with Users. [OPTION 1: Data Provider hereby instructs UL/LCSB to control on behalf of the Data Provider access to Data. The Parties note that the Data do not include personal data and thus that the Data Protection Law does not apply to the Services. [OPTION 2: The Data Provider hereby authorises and empowers: UL/LCSB’s representatives in the Data Access Committee to decide on Data access requests by third parties applying to become Users and to access the Data (“Decision”), UL/LCSB to communicate (emails accepted) such Decision to the Data Provider; its own representatives to the Data Access Committee to exercise on its behalf a right to veto (by way of written/electronic notification, including via the Portal, addressed to the Data Access Committee) on the Decision within ten (10) days of their notification by UL/LCSB. In line with the objective of the ELIXIR initiative, the Data Provider undertakes to exercise its veto right only if legitimate reasons exist to object to the Decision. If the veto right is not exercised within this time limit, the Decision will be deemend to have been accepted by the Data Provider and UL/LCSB’s representatives in the Data Access Committee will be entitled to grant the User status to applicants and grants them access to the Data. UL/LCSB’s representatives to sign a Data Use Agreement with a new User acting both in its own name and on behalf of the Data Provider once a Decision has been taken and no veto has been exercised. The Parties note that, in such a case, the Luxembourg data protection authority (‘Commission nationale pour la protection des données’ or CNPD) has ruled that UL/LCSB and the Data Provider will act in capacity as joint controllers with respect to the decision to grant access to the Data. In line with article 26 of the Data Protection Law, the Parties have determined and declare that: The Data Provider will be in charge of and liable for: collecting the Data, obtaining Data subjects’ documented, valid and informed consent, or Ethics Approval allowing for the Data processing set forth hereunder, informing Data subjects of Data processing set forth hereunder, or documenting the application of Data Protection Law’s exception to information duties, pseudonymising the Data, and reviewing the Data access request and approving the Decision or exercising its veto right; UL/LCSB will be in charge of and liable for preparing the Decision in line with the Data Access Policy, communicating them to the Data Provider, and validating Users’ access requests (where the Data Provider has not exercised its veto right). With respect to the remainder of the Services, the Parties note and agree that UL/LCSB acts as a processor to the Data Provider. [OPTIONAL: The Data Provider may request UL/LCSB to store the Data on the Luxembourg ELIXIR Platform without allowing any access to Users for a limited period of time (the “Embargo Period”) which may not be longer than eighteen (18) months. The Data Provider shall pay UL/LCSB for the fees, costs and expenses associated with closed access storage and related services should the Data Provider fail to make the data available on the Luxembourg ELIXIR Platform for at least five (5) years after the end of the Embargo Period.] The Data Access Policy established by the Data Provider should respect the following principles: contain clear and precise requirements for Data access; should not contain any discriminating criteria based, e.g., on nationality, gender, race, political opinions; should contain Data use conditions, including terms for publication and intellectual property provisions; should contain Data access restrictions stemming from personal data protection, ethics or other national legal requirements. The Luxembourg ELIXIR Platform is financed by the Government of the Grand Duchy of Luxembourg and UL/LCSB, thus, the Services are provided in principle free of charge. However, UL/LCSB reserves the right to apply fees in certain particular situations where the amounts of the Data stored by the Data Provider exceeds the limit of 10TB. Such fees will be agreed upon between the Parties according to the amount of excessive Data. Should the public financing of the Luxembourg ELIXIR Platform be discontinued, UL/LCSB may request the payment of fees for the Services at any time by providing the Data Provider thirty (30) days written notice. Upon such notification, the Data Provider will have a possibility to terminate these General Terms of Services. After expiry of the notification date and if the Data Provider has not responded, the Services will be terminated in accordance with clause 14.
Appears in 1 contract
Sources: Hosting and Processing Agreement
Controlled Access. Controlled access permits the Data Provider to establish the Data Access Policy to control access to Data based on non-discriminating criteria. Based on the Data Access Policy, the Data Access Committee shall grant access to individual Users, control their access to Data. UL/LCSB, acting both in its own name and on behalf of the Data Provider, LCSB shall enter into written Data Use agreements Agreements with Users. [OPTION 1: Data Provider hereby instructs UL/LCSB to control on behalf of the Data Provider access to Data. The Parties note that the Data do not include personal data and thus that the Data Protection Law does not apply to the Services. [OPTION 2: The Data Provider hereby authorises and empowers: UL/LCSB’s representatives in the Data Access Committee to decide on Data access requests by third parties applying to become Users and to access the Data (“Decision”), UL/LCSB to communicate (emails accepted) such Decision to the Data Provider; its own representatives to the Data Access Committee to exercise on its behalf a right to veto (by way of written/electronic notification, including via the Portal, addressed to the Data Access Committee) on the Decision within ten two (102) days calendar weeks of their notification by UL/LCSB. In line with the objective of the ELIXIR initiative, the Data Provider undertakes to exercise its veto right only if legitimate reasons exist to object to the Decision. If the veto right is not exercised within this time limit, the Decision will be deemend to have been accepted by the Data Provider and UL/LCSB’s representatives in the Data Access Committee will be entitled to grant the User status to applicants and grants them access to the Data. UL/LCSB’s representatives to sign a Data Use Agreement with a new User acting both in its own name and on behalf of the Data Provider once a Decision has been taken and no veto has been exercised. The Parties note that, in such a case, the Luxembourg data protection authority (‘Commission nationale pour la protection des données’ or CNPD) has ruled that UL/LCSB and the Data Provider will act in capacity as joint controllers with respect to the decision to grant access to the Data. In line with article 26 of the Data Protection Law, the Parties have determined and declare that: The Data Provider will be in charge of and liable for: collecting the Data, obtaining Data subjects’ documented, valid and informed consent, or Ethics Approval allowing for the Data processing set forth hereunder, informing Data subjects of Data processing set forth hereunder, or documenting the application of Data Protection Law’s exception to information duties, pseudonymising the Data, and reviewing the Data access request and approving the Decision or exercising its veto right; right;t UL/LCSB will be in charge of and liable for preparing the Decision in line with the Data Access Policy, communicating them to the Data Provider, and validating Users’ access requests (where the Data Provider has not exercised its veto right). With respect to the remainder of the Services, the Parties note and agree that UL/LCSB acts as a processor to the Data Provider. [OPTIONAL: The Data Provider may request UL/LCSB to store the Data on the Luxembourg ELIXIR Platform without allowing any access to Users for a limited period of time (the “Embargo Period”) which may not be longer than eighteen (18) months. The Data Provider shall pay UL/LCSB for the fees, costs and expenses associated with closed access storage and related services should the Data Provider fail to make the data available on the Luxembourg ELIXIR Platform for at least five (5) years after the end of the Embargo Period.] The Data Access Policy established by the Data Provider should respect the following principles: contain clear and precise requirements for Data access; should not contain any discriminating criteria based, e.g., on nationality, gender, race, political opinions; should contain Data use conditions, including terms for publication and intellectual property provisions; should contain Data access restrictions stemming from personal data protection, ethics or other national legal requirements. The access to the Data requested by User can be approved and given per entire datasets as defined in Annex D. Platform cannot produce subsets or give access to only selected variables within the Data. Data Providers can, with support of the Platform, minimise the Data and submit it as a new dataset along a new Access Policy in an amendment to Annex D. The Luxembourg ELIXIR Platform is financed by the Government of the Grand Duchy of Luxembourg and UL/LCSB, thus, the Services are provided in principle free of charge. However, UL/LCSB reserves the right to apply fees in certain particular situations where the amounts of the Data stored by the Data Provider exceeds the limit of 10TB. Such fees will be agreed upon between the Parties according to the amount of excessive Data. Should the public financing of the Luxembourg ELIXIR Platform be discontinued, UL/LCSB may request the payment of fees for the Services at any time by providing the Data Provider thirty (30) days written notice. Upon such notification, the Data Provider will have a possibility to terminate these General Terms of Services. After expiry of the notification date and if the Data Provider has not responded, the Services will be terminated in accordance with clause 14.
Appears in 1 contract
Sources: Hosting and Processing Agreement
Controlled Access. Controlled access permits the Data Provider to establish the Data Access Policy to control access to Data based on non-discriminating criteria. Based on the Data Access Policy, the Data Access Committee shall grant access to individual Users, control their access to Data. UL/LCSB, acting both in its own name and on behalf of the Data Provider, LCSB shall enter into written Data Use agreements Agreements with Users. [OPTION 1: Data Provider hereby instructs UL/LCSB to control on behalf of the Data Provider access to Data. [OPTION 2: The Data Provider hereby authorises and empowers: The Parties note that the Data do not include personal data and thus that the Data Protection Law does not apply to the Services. [OPTION 2: The Data Provider hereby authorises and empowers: ▪ UL/LCSB’s representatives in the Data Access Committee to decide on Data access requests by third parties applying to become Users and to access the Data (“Decision”), ▪ UL/LCSB to communicate (emails accepted) such Decision to the Data Provider; ▪ its own representatives to the Data Access Committee to exercise on its behalf a right to veto (by way of written/electronic notification, including via the Portal, addressed to the Data Access Committee) on the Decision within ten two (102) days calendar weeks of their notification by UL/LCSB. In line with the objective of the ELIXIR initiative, the Data Provider undertakes to exercise its veto right only if legitimate reasons exist to object to the Decision. If the veto right is not exercised within this time limit, the Decision will be deemend to have been accepted by the Data Provider and UL/LCSB’s representatives in the Data Access Committee will be entitled to grant the User status to applicants and grants them access to the Data. ▪ UL/LCSB’s representatives to sign a Data Use Agreement with a new User acting both in its own name and on behalf of the Data Provider once a Decision has been taken and no veto has been exercised. The Parties note that, in such a case, the Luxembourg data protection authority (‘Commission nationale pour la protection des données’ or CNPD) has ruled that UL/LCSB and the Data Provider will act in capacity as joint controllers with respect to the decision to grant access to the Data. In line with article 26 of the Data Protection Law, the Parties have determined and declare that: 1. The Data Provider will be in charge of and liable for: a. collecting the Data, b. obtaining Data subjects’ documented, valid and informed consent, or Ethics Approval allowing for the Data processing set forth hereunder, c. informing Data subjects of Data processing set forth hereunder, or documenting the application of Data Protection Law’s exception to information duties, d. pseudonymising the Data, and ▇. reviewing the Data access request and approving the Decision or exercising its veto right; UL/LCSB will be in charge of and liable for preparing the Decision in line with the Data Access Policy, communicating them to the Data Provider, and validating Users’ access requests (where the Data Provider has not exercised its veto right). With respect to the remainder of the Services, the Parties note and agree that UL/LCSB acts as a processor to the Data Provider. [OPTIONAL: The Data Provider may request UL/LCSB to store the Data on the Luxembourg ELIXIR Platform without allowing any access to Users for a limited period of time (the “Embargo Period”) which may not be longer than eighteen (18) months. The Data Provider shall pay UL/LCSB for the fees, costs and expenses associated with closed access storage and related services should the Data Provider fail to make the data available on the Luxembourg ELIXIR Platform for at least five (5) years after the end of the Embargo Period.] The Data Access Policy established by the Data Provider should respect the following principles: contain clear and precise requirements for Data access; should not contain any discriminating criteria based, e.g., on nationality, gender, race, political opinions; should contain Data use conditions, including terms for publication and intellectual property provisions; should contain Data access restrictions stemming from personal data protection, ethics or other national legal requirements. The Luxembourg ELIXIR Platform is financed by the Government of the Grand Duchy of Luxembourg and UL/LCSB, thus, the Services are provided in principle free of charge. However, UL/LCSB reserves the right to apply fees in certain particular situations where the amounts of the Data stored by the Data Provider exceeds the limit of 10TB. Such fees will be agreed upon between the Parties according to the amount of excessive Data. Should the public financing of the Luxembourg ELIXIR Platform be discontinued, UL/LCSB may request the payment of fees for the Services at any time by providing the Data Provider thirty (30) days written notice. Upon such notification, the Data Provider will have a possibility to terminate these General Terms of Services. After expiry of the notification date and if the Data Provider has not responded, the Services will be terminated in accordance with clause 14.right;t
Appears in 1 contract
Sources: Hosting and Processing Agreement